<?
require_once('version.inc');
require_once('dbaccess.inc');
require_once('language.inc');
require_once('header.inc');
require_once('crypt.inc');
require_once('settings.inc');
require_once('helper.inc');

# Called from the menu with "mi" set: preselect button 30 and headline 5.
if (isset($_REQUEST['mi'])) {
   $knopf = 30;
   $headline = 5;
}

/*
 * Role levels as used for $rstufe / mi_rstufe in this file:
 * 0: Verwalter (management)
 * 1: Administrator
 * 2: Projektleiter (project lead)
 * 3: Mitarbeiter (employee)
 * 4: Kontroller (controller)
 * 5: Kein Zugang! (no access)
 * 6: Ressourcenmanager (resource manager)
 * 7: Revisor (auditor)
 */
# One flag per role level 0..7.
# NOTE(review): presumably read by menu.inc (included right after) -- confirm
# what true/false grants there.
$drm = array(
   true,   # 0
   false,  # 1
   true,   # 2
   true,   # 3
   false,  # 4
   true,   # 5
   false,  # 6
   true    # 7
);

require_once('menu.inc');

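/**
 * Render the employee list with its "new", "edit" and "delete" actions.
 *
 * Only role levels 1, 4 and 6 pass the check at the top; level 4 gets no
 * "new" and no "delete" action. The delete icon is also hidden while the
 * employee is still referenced in allocation, wdone or project.
 *
 * NOTE(review): hiding the icons is a display rule only; what a request for
 * midel/func=delete is allowed to do is decided elsewhere.
 * NOTE(review): $rstufe is a global set outside this file, and the forms in
 * this file carry an "rstufe" hidden field. Confirm the role level is taken
 * from server-side session state and never from the request.
 */
function EditMitarbeiter() {
	global $menu;
	global $headline;
	global $rstufe;

	# First check whether the user is permitted to use this page at all.
	if ($rstufe != 1 && $rstufe != 4 && $rstufe != 6) {
	   Error(GetMessage(-1, 50, "Berechtigungsfehler!"));
	   return;
	}

	# $menu and $headline are written into HTML attributes and into a
	# JavaScript string literal, so they are encoded for each context.
	# ISO-8859-1 is named explicitly so that only the ASCII specials are
	# rewritten and all other bytes pass through unchanged.
	$h_menu = htmlspecialchars((string)$menu, ENT_QUOTES, 'ISO-8859-1');
	$h_headline = htmlspecialchars((string)$headline, ENT_QUOTES, 'ISO-8859-1');
	$nav = "menu=" . urlencode((string)$menu) . "&headline=" . urlencode((string)$headline);

	echo "<form name=\"edit_mi\" action=\"edit_mi.php\" method=\"post\">\n";
	echo "<input type=\"hidden\" name=\"headline\" value=\"$h_headline\">\n";
	echo "<input type=\"hidden\" name=\"menu\" value=\"$h_menu\">\n";
	echo "<input type=\"hidden\" name=\"minew\" value=\"minew\">\n";

	if ($rstufe != 4) {
	   echo "<table class=\"indent\"><tr><td>";
	   Button("Neuer Mitarbeiter", "edit_mi");
	   echo "</td></tr></table>\n";
	}

	$db = OpenDB();
	$query = "select count(*) from mitarbeiter";

	if (!($result = QueryDB($db, $query))) {
	   echo "</form>\n";
	   closeDB($db);
	   return;
	}

	$data = fetchDB($result, 0);

	if ($data[0] > 0) {
	   $query = "select mi_num, mi_vname, mi_nname, mi_land, mi_rstufe ";
	   $query .= "from mitarbeiter order by mi_nname, mi_vname";

	   if (!($result = QueryDB($db, $query))) {
	      echo "</form>\n";
	      closeDB($db);
	      return;
	   }

	   echo "<table class=\"sel\">\n";
	   echo "<tr><th class=\"sel\">Aktion</th><th class=\"sel\">Name</th>";
	   echo "<th class=\"sel\">Land</th><th class=\"sel\">Rolle</th></tr>\n";

	   $numrows = numrowsDB($result);
	   $row = 0;

	   while ($row < $numrows) {
	      $data = fetchDB($result, $row);
	      # Keys are forced to integers before they are reused in SQL and
	      # in the link parameters.
	      $mi_num = (int)$data[0];
	      $mi_land = (int)$data[3];
	      $mi_rstufe = $data[4];
	      # Names are free text entered through the employee form; encode
	      # them before they are written into the page.
	      $mi_vname = htmlspecialchars((string)$data[1], ENT_QUOTES, 'ISO-8859-1');
	      $mi_nname = htmlspecialchars((string)$data[2], ENT_QUOTES, 'ISO-8859-1');

	      # Country label from the lookup table.
	      # NOTE(review): written verbatim; the literals in this file use
	      # HTML entities, so the label may be stored pre-encoded. Escape it
	      # here if key_land holds plain text.
	      $land = "";
	      $query = "select kl_land from key_land where kl_num = $mi_land";

	      if (($result2 = QueryDB($db, $query)) && numrowsDB($result2) > 0) {
	         $data = fetchDB($result2, 0);
	         $land = $data[0];
	      }

	      # Count the references that block deletion of this employee.
	      $query = "select count(*) from allocation where al_ressource = $mi_num";

	      if (!($result2 = QueryDB($db, $query))) {
	         closeDB($db);
	         return;
	      }

	      $data = fetchDB($result2, 0);
	      $anz = $data[0];

	      $query = "select count(*) from wdone where wd_minum = $mi_num";

	      if (!($result2 = QueryDB($db, $query))) {
	         closeDB($db);
	         return;
	      }

	      $data = fetchDB($result2, 0);
	      $anz += $data[0];

	      $query = "select count(*) from project where pr_pl = $mi_num or pr_plav = $mi_num";

	      if (!($result2 = QueryDB($db, $query))) {
	         closeDB($db);
	         return;
	      }

	      $data = fetchDB($result2, 0);
	      $anz += $data[0];
	      echo "<tr><td class=\"sel\"><a href=\"#\" onClick=\"javascript:MoveTo('edit_mi.php','miedit=$mi_num&$nav')\"><img src=\"image/edit.png\" border=0 alt=\"Edit\"></a>";

	      if ($rstufe != 4 && $anz <= 0)
	         echo "<a href=\"#\" onClick=\"javascript:MoveTo('edit_mi.php','midel=$mi_num&$nav')\"><img src=\"image/editdelete.png\" border=0 alt=\"Loeschen\"></a>";

	      echo "</td>\n";
	      echo "<td class=\"sel\">$mi_nname $mi_vname</td><td class=\"sel\">$land</td>";
	      echo "<td class=\"sel\">";

	      switch ($mi_rstufe) {
	         case 0: echo "Verwalter"; break;
	         case 1: echo "Administrator"; break;
	         case 2: echo "Projektleiter"; break;
	         case 3: echo "Mitarbeiter"; break;
	         case 4: echo "Kontroller"; break;
	         case 5: echo "Kein Zugang!"; break;
	         case 6: echo "Ressourcenmanager"; break;
	         case 7: echo "Revisor"; break;
	      }

	      echo "</td></tr>\n";
	      $row++;
	   }

	   echo "</table>\n";

	   if ($rstufe != 4) {
	      echo "<table class=\"indent\"><tr><td>";
	      Button("Neuer Mitarbeiter", "edit_mi");
	      echo "</td></tr></table>\n";
	   }
	}

	echo "</form>\n";
	closeDB($db);
}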

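/**
 * Write the billing ("Verrechnung") rows of the employee form.
 *
 * Does nothing when the billing module ($verrmodul) is off. For an existing
 * employee the open rate row (tg_valid_to is NULL) is loaded; otherwise the
 * defaults from setup/ration.dat are used.
 *
 * @param mixed $db      handle returned by OpenDB()
 * @param mixed $mi_num  employee number; 0 or less means "new employee"
 * @return bool true when the rows were written or the module is off,
 *              false when a query failed
 */
function Tagsatz($db, $mi_num=0) {
	global $verrmodul;
	global $stdwhg;
	global $dtformatshort;
	global $VisualDate;

	if (!$verrmodul)
	   return true;

	# The employee number arrives from request parameters (through EditMi)
	# and is placed in a query below, so force it to an integer first.
	$mi_num = (int)$mi_num;
	$found = false;

	if ($mi_num > 0) {
	   $dtdb = GetDBDateFormat();
	   $query = "select tg_num, tg_amount, tg_nightr, tg_ration, ";
	   $query .= "tg_kmcar, tg_kmdrain, tg_kmplain, tg_whg, to_char(tg_valid_from, '$dtdb') ";
	   $query .= "from tagsatz where tg_minum = $mi_num and ";
	   $query .= "tg_valid_to is NULL";

	   if (!($result = QueryDB($db, $query)))
	      return false;

	   if (numrowsDB($result) > 0) {
	      $found = true;
	      $data = fetchDB($result, 0);
	      $tg_num = (int)$data[0];
	      $tg_amount = $data[1];
	      $tg_nightr = $data[2];
	      $tg_ration = $data[3];
	      $tg_kmcar = $data[4];
	      $tg_kmdrain = $data[5];
	      $tg_kmplain = $data[6];
	      $tg_whg = $data[7];
	      $tg_valid_from = $data[8];
	      echo "<input type=\"hidden\" name=\"tg_num\" value=\"$tg_num\">\n";
	   }
	}

	if (!$found) {
	   # No open rate row: start from the defaults in the ini file. A
	   # missing or unreadable file leaves every default at 0.
	   $ini_array = parse_ini_file("setup/ration.dat");

	   if (!is_array($ini_array))
	      $ini_array = array();

	   $tg_valid_from = date($dtformatshort);

	   # For an existing employee without a rate row the start date is the
	   # ini value (10 characters, year-month-day) instead of today.
	   if ($mi_num > 0 && isset($ini_array['valid_from']) && strlen($ini_array['valid_from']) == 10) {
	      $darr = explode("-", $ini_array['valid_from']);

	      if (count($darr) == 3) {
	         $dt = mktime(0, 0, 0, (int)$darr[1], (int)$darr[2], (int)$darr[0]);
	         $tg_valid_from = date($dtformatshort, $dt);
	      }
	   }

	   $tg_amount = isset($ini_array['amount']) ? $ini_array['amount'] : 0;
	   $tg_nightr = isset($ini_array['nightr']) ? $ini_array['nightr'] : 0;
	   $tg_ration = isset($ini_array['ration']) ? $ini_array['ration'] : 0;
	   $tg_kmcar = isset($ini_array['kmcar']) ? $ini_array['kmcar'] : 0;
	   $tg_kmdrain = isset($ini_array['kmdrain']) ? $ini_array['kmdrain'] : 0;
	   $tg_kmplain = isset($ini_array['kmplain']) ? $ini_array['kmplain'] : 0;
	   $tg_whg = $stdwhg;
	}

	# Currency key is used in SQL and compared against option values.
	$tg_whg = (int)$tg_whg;
	$query = "select wh_whg from key_whg where wh_num = $tg_whg";

	if (!($result = QueryDB($db, $query)))
	   return false;

	# NOTE(review): the currency labels (wh_whg, wh_bez) are written
	# verbatim; they come from a lookup table that may hold HTML entities.
	# Escape them if key_whg holds plain text.
	$data = fetchDB($result, 0);
	$wh_whg = $data[0];
	$h_valid_from = htmlspecialchars((string)$tg_valid_from, ENT_QUOTES, 'ISO-8859-1');
?>
   <tr>
      <th class="sel" colspan=2>Verrechnung</th>
   </tr>
   <tr>
      <td>Betr&auml;ge g&uuml;ltig ab (<?php echo "$VisualDate"; ?>):</td>
      <td><input type="text" class="inputmust" name="tg_valid_from" value="<?php echo $h_valid_from; ?>" size=10 maxlength=10 onChange="javascript:CheckDate(this, false)"></td>
   </tr>
   <tr>
      <td>Tagsatz:</td>
      <td><input type="text" class="inputmust" name="tg_amount" value="<?php echo FormatNum($tg_amount, 2); ?>" size=16 maxlength=16><?php echo "$wh_whg"; ?></td>
   </tr>
   <tr>
      <td>N&auml;chtigungspauschale:</td>
      <td><input type="text" name="tg_nightr" value="<?php echo FormatNum($tg_nightr, 2); ?>" size=16 maxlength=16><?php echo "$wh_whg"; ?></td>
   </tr>
   <tr>
      <td>Tagesdi&auml;ten:</td>
      <td><input type="text" name="tg_ration" value="<?php echo FormatNum($tg_ration, 2); ?>" size=16 maxlength=16><?php echo "$wh_whg"; ?></td>
   </tr>
   <tr>
      <td>Kilometerpauschale PKW:</td>
      <td><input type="text" name="tg_kmcar" value="<?php echo FormatNum($tg_kmcar, 2); ?>" size=16 maxlength=16><?php echo "$wh_whg"; ?></td>
   </tr>
   <tr>
      <td>Kilometerpauschale Zug:</td>
      <td><input type="text" name="tg_kmdrain" value="<?php echo FormatNum($tg_kmdrain, 2); ?>" size=16 maxlength=16><?php echo "$wh_whg"; ?></td>
   </tr>
   <tr>
      <td>Kilometerpauschale Flugzeug:</td>
      <td><input type="text" name="tg_kmplain" value="<?php echo FormatNum($tg_kmplain, 2); ?>" size=16 maxlength=16><?php echo "$wh_whg"; ?></td>
   </tr>
   <tr>
      <td>W&auml;hrung:</td>
      <td><select name="tg_whg">
<?php
	$query = "select wh_num, wh_whg, wh_bez from key_whg order by wh_num";

	if (!($result = QueryDB($db, $query)))
	   return false;

	$rows = numrowsDB($result);
	$j = 0;

	while ($j < $rows) {
	   $data = fetchDB($result, $j);
	   $wh_num = (int)$data[0];
	   $wh_whg = $data[1];
	   $wh_bez = $data[2];

	   echo "<option value=\"$wh_num\"";

	   if ($wh_num == $tg_whg)
	      echo " selected";

	   echo ">$wh_whg $wh_bez</option>\n";
	   $j++;
	}
?>
          </select>
      </td>
   </tr>
<?php
	return true;
}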

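/**
 * Write the empty "create employee" form; it posts func=CheckNewMi back to
 * edit_mi.php.
 *
 * NOTE(review): the form round-trips "unum" and "rstufe" as hidden fields.
 * Whether the receiving side trusts them is not visible in this file;
 * a role level must never be accepted from the request.
 * NOTE(review): the password inputs are capped at 8 characters. The edit
 * path in this file treats a longer pass1 as an already hashed value, so
 * the cap cannot simply be raised here.
 *
 * @param mixed $unum      user number of the logged-in user
 * @param mixed $headline  headline id, used for the "back" link
 * @param mixed $menu      menu id
 * @param mixed $rstufe    role level of the logged-in user
 */
function NewMi($unum, $headline, $menu, $rstufe) {
	$db = OpenDB();

	# Encode the navigation values once per output context: HTML attribute
	# values and a query string. ISO-8859-1 is named so that only the ASCII
	# specials are rewritten.
	$h_unum = htmlspecialchars((string)$unum, ENT_QUOTES, 'ISO-8859-1');
	$h_menu = htmlspecialchars((string)$menu, ENT_QUOTES, 'ISO-8859-1');
	$h_rstufe = htmlspecialchars((string)$rstufe, ENT_QUOTES, 'ISO-8859-1');
	$back = "unum=" . urlencode((string)$unum) . "&headline=" . urlencode((string)$headline);
	$back .= "&menu=" . urlencode((string)$menu) . "&rstufe=" . urlencode((string)$rstufe);
?>
<form name="edit" action="edit_mi.php" method="post">
<input type="hidden" name="unum" value="<?php echo $h_unum; ?>">
<input type="hidden" name="headline" value="6">
<input type="hidden" name="menu" value="<?php echo $h_menu; ?>">
<input type="hidden" name="rstufe" value="<?php echo $h_rstufe; ?>">
<input type="hidden" name="func" value="CheckNewMi">
<br>
<table class="indent"><tr><td>
<?php
	ButtonLink(GetMessage($db, 21, "Zur&uuml;ck"), "forms.php", $back);
?>
</td></tr></table>
<table class="input">
   <tr>
      <th class="sel" colspan = 2><?php Output($db, 51, "Neuen Mitarbeiter anlegen"); ?></th>
   </tr>
   <tr>
      <td><?php Output($db, 52, "Vorname:"); ?></td>
      <td><input type="text" class="inputmust" name="vname" size=40 maxlength=50></td>
   </tr>
   <tr>
      <td><?php Output($db, 53, "Nachname:"); ?></td>
      <td><input type="text" class="inputmust" name="nname" size=40 maxlength=50></td>
   </tr>
   <tr>
      <td><?php Output($db, 54, "Land:"); ?></td>
      <td><select name="land"><?php
	# NOTE(review): lookup labels (kl_land, ka_abt) are written verbatim;
	# they may be stored with HTML entities. Escape them if they are plain
	# text.
	$query = "select kl_num, kl_land from key_land order by kl_land";
	$result = QueryDB($db, $query);
	$numrows = $result ? numrowsDB($result) : 0;
	$row = 0;

	while ($row < $numrows) {
	   $data = fetchDB($result, $row);
	   $kl_num = (int)$data[0];
	   $kl_land = $data[1];
	   echo "<option value=\"$kl_num\">$kl_land</option>\n";
	   $row++;
	}
?>
         </select>
      </td>
   </tr>
   <tr>
      <td><?php Output($db, 55, "Abteilung:"); ?></td>
      <td><select name="abt"><?php
	$query = "select ka_num, ka_abt from key_abt order by ka_abt";
	$result = QueryDB($db, $query);
	$numrows = $result ? numrowsDB($result) : 0;
	$row = 0;

	while ($row < $numrows) {
	   $data = fetchDB($result, $row);
	   $ka_num = (int)$data[0];
	   $ka_abt = $data[1];
	   echo "<option value=\"$ka_num\">$ka_abt</option>\n";
	   $row++;
	}
?>
         </select>
      </td>
   </tr>
   <tr>
      <td><?php Output($db, 56, "Telefonnummer:"); ?></td>
      <td><input type="text" name="tel" size=30 maxlength=50></td>
   </tr>
   <tr>
      <td><?php Output($db, 57, "E-Mailadresse:"); ?></td>
      <td><input type="text" name="mail" size=40 maxlength=80></td>
   </tr>
   <tr>
      <td><?php Output($db, 58, "Planbar:"); ?></td>
      <td><input type="checkbox" name="planbar" value="1" checked></td>
   </tr>
   <tr>
      <td><?php Output($db, 59, "Sprache:"); ?></td>
      <td><select name="mi_lang">
             <option value="ger">Deutsch</option>
             <option value="eng">English</option>
	  </select>
      </td>
   </tr>
<?php
	Tagsatz($db);
?>
   <tr>
      <th class="sel" colspan=2><?php Output($db, 60, "Zugangsdaten"); ?></th>
   </tr>
   <tr>
      <td><?php Output($db, 61, "Benutzername:"); ?></td>
      <td><input type="text" class="inputmust" name="userid" size=8 maxlength=8></td>
   </tr>
   <tr>
      <td><?php Output($db, 62, "Berechtigungsstufe:"); ?></td>
      <td><select name="mi_rstufe">
             <option value="0"><?php Output($db, 63, "Verwaltung (nur!)"); ?></option>
	     <option value="1"><?php Output($db, 64, "Administrator"); ?></option>
	     <option value="2"><?php Output($db, 65, "Projektleiter"); ?></option>
	     <option value="3"><?php Output($db, 66, "Mitarbeiter"); ?></option>
	     <option value="4"><?php Output($db, 67, "Kontroller"); ?></option>
	     <option value="5"><?php Output($db, 68, "Kein Zugang"); ?></option>
	     <option value="6"><?php Output($db, 69, "Ressourcenmanager"); ?></option>
	     <option value="7"><?php Output($db, 70, "Revisor"); ?></option>
	  </select>
      </td>
   </tr>
   <tr>
      <td><?php Output($db, 71, "Passwort:"); ?></td>
      <td><input type="password" class="inputmust" name="pass1" size=8 maxlength=8></td>
   </tr>
   <tr>
      <td><?php Output($db, 72, "Passwort Vergleich:"); ?></td>
      <td><input type="password" name="pass2" size=8 maxlength=8></td>
   </tr>
</table>
<table class="indent"><tr><td>
<?php
	ButtonSubmit(GetMessage($db, 45, "Speichern"), "edit");
?>
</td></tr></table>
</form>
<?php
	closeDB($db);
}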

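/**
 * Write the employee form filled with existing data.
 *
 * With $minum > 0 the record is loaded from the database and the form posts
 * func=CheckEditMi. With $minum <= 0 the form is refilled from the current
 * request after a failed CheckNewMi and posts func=CheckNewMi again.
 *
 * NOTE(review): the stored password hash (mi_passwd) is sent to the browser
 * as the value of pass1, and CheckEditMi accepts a 32-character pass1 as an
 * already hashed value. Anyone who can open this form can therefore read
 * every user's hash. Left as is because the save path depends on it; the
 * form should use a "leave empty to keep the password" rule instead.
 * NOTE(review): "disabled" on the inputs is a display rule only and does
 * not restrict what a request may submit.
 * NOTE(review): no role check is visible in this function; confirm that
 * access to it is restricted before it is reached.
 *
 * @param mixed $minum     employee number to edit, 0 or less for refill
 * @param mixed $unum      user number of the logged-in user
 * @param mixed $headline  headline id, used for the "back" link
 * @param mixed $menu      menu id
 * @param mixed $rstufe    role level of the logged-in user
 */
function EditMi($minum, $unum, $headline, $menu, $rstufe) {
	global $verrmodul;
	$db = OpenDB();

	# $minum arrives from request parameters and is placed in SQL and in
	# the form, so force it to an integer first.
	$minum = (int)$minum;

	if ($minum > 0) {
	   $query = "select mi_vname, mi_nname, mi_land, mi_abt, mi_tel,";
	   $query = $query . "mi_mail, mi_rstufe, mi_userid, mi_passwd, mi_hacker, mi_plan, mi_lang ";
	   $query = $query . "from mitarbeiter where mi_num = $minum";
	   $result = QueryDB($db, $query);
	   $numrows = $result ? numrowsDB($result) : 0;

	   if ($numrows != 1) {
	      Error(GetMessage($db, 73, "Error: Mitarbeiter %d wurde nicht gefunden!", $minum));
	      closeDB($db);
	      return;
	   }

	   $data = fetchDB($result, 0);
	   $mi_vname = $data[0];
	   $mi_nname = $data[1];
	   $mi_land = $data[2];
	   $mi_abt = $data[3];
	   $mi_tel = $data[4];
	   $mi_mail = $data[5];
	   $mi_rstufe = $data[6];
	   $mi_userid = $data[7];
	   $mi_passwd = $data[8];
	   $mi_hacker = $data[9];
	   $mi_plan = $data[10];
	   $mi_lang = trim($data[11]);

	   if (CheckTrue($mi_plan))
	      $mi_plan = 1;
	   else
	      $mi_plan = 0;
	} else {
	   # Refill from the request; fields that were not submitted (unchecked
	   # checkboxes, disabled inputs) fall back to an empty value.
	   $mi_vname = isset($_REQUEST['vname']) ? $_REQUEST['vname'] : "";
	   $mi_nname = isset($_REQUEST['nname']) ? $_REQUEST['nname'] : "";
	   $mi_land = isset($_REQUEST['land']) ? $_REQUEST['land'] : "";
	   $mi_abt = isset($_REQUEST['abt']) ? $_REQUEST['abt'] : "";
	   $mi_tel = isset($_REQUEST['tel']) ? $_REQUEST['tel'] : "";
	   $mi_mail = isset($_REQUEST['mail']) ? $_REQUEST['mail'] : "";
	   $mi_rstufe = isset($_REQUEST['mi_rstufe']) ? $_REQUEST['mi_rstufe'] : "";
	   $mi_userid = isset($_REQUEST['userid']) ? $_REQUEST['userid'] : "";
	   $mi_passwd = isset($_REQUEST['pass1']) ? $_REQUEST['pass1'] : "";
	   $mi_plan = isset($_REQUEST['planbar']) ? $_REQUEST['planbar'] : null;
	   $mi_hacker = isset($_REQUEST['mi_hacker']) ? $_REQUEST['mi_hacker'] : 0;
	   $mi_lang = isset($_REQUEST['mi_lang']) ? $_REQUEST['mi_lang'] : "";
	   echo "<p class=\"cry\">" . GetMessage($db, 84, "Eingabefehler!") . "</p>\n";
	}

	# Everything below is written into HTML attribute values. The values
	# come from the request or from free-text database columns, so they
	# are encoded here. ISO-8859-1 is named so that only the ASCII specials
	# are rewritten.
	$h_unum = htmlspecialchars((string)$unum, ENT_QUOTES, 'ISO-8859-1');
	$h_menu = htmlspecialchars((string)$menu, ENT_QUOTES, 'ISO-8859-1');
	$h_rstufe = htmlspecialchars((string)$rstufe, ENT_QUOTES, 'ISO-8859-1');
	$h_vname = htmlspecialchars((string)$mi_vname, ENT_QUOTES, 'ISO-8859-1');
	$h_nname = htmlspecialchars((string)$mi_nname, ENT_QUOTES, 'ISO-8859-1');
	$h_tel = htmlspecialchars((string)$mi_tel, ENT_QUOTES, 'ISO-8859-1');
	$h_mail = htmlspecialchars((string)$mi_mail, ENT_QUOTES, 'ISO-8859-1');
	$h_userid = htmlspecialchars((string)$mi_userid, ENT_QUOTES, 'ISO-8859-1');
	$h_passwd = htmlspecialchars((string)$mi_passwd, ENT_QUOTES, 'ISO-8859-1');
	$back = "unum=" . urlencode((string)$unum) . "&headline=" . urlencode((string)$headline);
	$back .= "&menu=" . urlencode((string)$menu) . "&rstufe=" . urlencode((string)$rstufe);

	# Controllers (level 4) get read-only personal data unless the billing
	# module is active.
	$dis = ($rstufe == 4 && !$verrmodul) ? "disabled" : "";
?>
<form name="edit" action="edit_mi.php" method="post">
<input type="hidden" name="unum" value="<?php echo $h_unum; ?>">
<?php
	if ($minum <= 0) {
	   echo "<input type=\"hidden\" name=\"headline\" value=\"6\">\n";
	} else {
	   echo "<input type=\"hidden\" name=\"headline\" value=\"7\">\n";
	}
?>
<input type="hidden" name="menu" value="<?php echo $h_menu; ?>">
<input type="hidden" name="rstufe" value="<?php echo $h_rstufe; ?>">
<input type="hidden" name="minum" value="<?php echo $minum; ?>">
<?php
	if ($minum > 0)
	   echo "<input type=\"hidden\" name=\"func\" value=\"CheckEditMi\">\n";
	else
	   echo "<input type=\"hidden\" name=\"func\" value=\"CheckNewMi\">\n";

	echo "<br><table class=\"indent\"><tr><td>\n";
	ButtonLink(GetMessage($db, 21, "Zur&uuml;ck"), "forms.php", $back);
?>
</td></tr></table>
<table class="input">
   <tr>
      <th class="sel" colspan=2><?php Output($db, 74, "Mitarbeiter editieren"); ?></th>
   </tr>
   <tr>
      <td><?php Output($db, 52, "Vorname:"); ?></td>
      <td><input type="text" class="inputmust" name="vname" value="<?php echo $h_vname; ?>" <?php echo $dis; ?> size=40 maxlength=50></td>
   </tr>
   <tr>
      <td><?php Output($db, 53, "Nachname:"); ?></td>
      <td><input type="text" class="inputmust" name="nname" value="<?php echo $h_nname; ?>" <?php echo $dis; ?> size=40 maxlength=50></td>
   </tr>
   <tr>
      <td><?php Output($db, 54, "Land:"); ?></td>
      <td><select name="land" <?php echo $dis; ?>><?php
	# NOTE(review): lookup labels (kl_land, ka_abt) are written verbatim;
	# they may be stored with HTML entities. Escape them if they are plain
	# text.
	$query = "select kl_num, kl_land from key_land order by kl_land";
	$result = QueryDB($db, $query);
	$numrows = $result ? numrowsDB($result) : 0;
	$row = 0;

	while ($row < $numrows) {
	   $data = fetchDB($result, $row);
	   $kl_num = (int)$data[0];
	   $kl_land = $data[1];

	   if ($kl_num == $mi_land) {
	      echo "<option selected value=\"$kl_num\">$kl_land</option>\n";
	   } else {
	      echo "<option value=\"$kl_num\">$kl_land</option>\n";
	   }

	   $row++;
	}
?>
         </select>
      </td>
   </tr>
   <tr>
      <td><?php Output($db, 55, "Abteilung:"); ?></td>
      <td><select name="abt" <?php echo $dis; ?>><?php
	$query = "select ka_num, ka_abt from key_abt order by ka_abt";
	$result = QueryDB($db, $query);
	$numrows = $result ? numrowsDB($result) : 0;
	$row = 0;

	while ($row < $numrows) {
	   $data = fetchDB($result, $row);
	   $ka_num = (int)$data[0];
	   $ka_abt = $data[1];

	   if ($ka_num == $mi_abt) {
	      echo "<option selected value=\"$ka_num\">$ka_abt</option>\n";
	   } else {
	      echo "<option value=\"$ka_num\">$ka_abt</option>\n";
	   }

	   $row++;
	}
?>
         </select>
      </td>
   </tr>
   <tr>
      <td><?php Output($db, 56, "Telefonnummer:"); ?></td>
      <td><input type="text" name="tel" value="<?php echo $h_tel; ?>" <?php echo $dis; ?> size=30 maxlength=50></td>
   </tr>
   <tr>
      <td><?php Output($db, 57, "E-Mailadresse:"); ?></td>
      <td><input type="text" name="mail" value="<?php echo $h_mail; ?>" <?php echo $dis; ?> size=40 maxlength=80></td>
   </tr>
   <tr>
      <td><?php Output($db, 58, "Planbar:"); ?></td>
      <td><input type="checkbox" name="planbar" <?php if (isset($mi_plan) && $mi_plan) echo "checked"; if ($dis != "") echo " disabled"; ?>></td>
   </tr>
   <tr>
      <td><?php Output($db, 59, "Sprache:"); ?></td>
      <td><select name="mi_lang" <?php echo $dis; ?>>
             <option <?php if ($mi_lang == "ger") echo "selected"; ?> value="ger">Deutsch</option>
             <option <?php if ($mi_lang == "eng") echo "selected"; ?> value="eng">English</option>
	  </select>
      </td>
   </tr>
<?php
	Tagsatz($db, $minum);
?>
   <tr>
      <th class="sel" colspan=2><?php Output($db, 60, "Zugangsdaten"); ?></th>
   </tr>
   <tr>
      <td><?php Output($db, 61, "Benutzername:"); ?></td>
      <td><input type="text" class="inputmust" name="userid" value="<?php echo $h_userid; ?>" <?php echo $dis; ?> size=8 maxlength=8></td>
   </tr>
   <tr>
      <td><?php Output($db, 62, "Berechtigungsstufe:"); ?></td>
      <td><select name="mi_rstufe" <?php echo $dis; ?>>
             <option <?php if ($mi_rstufe == 0) { echo "selected"; } ?> value="0"><?php Output($db, 63, "Verwaltung (nur!)"); ?></option>
	     <option <?php if ($mi_rstufe == 1) { echo "selected"; } ?> value="1"><?php Output($db, 64, "Administrator"); ?></option>
	     <option <?php if ($mi_rstufe == 2) { echo "selected"; } ?> value="2"><?php Output($db, 65, "Projektleiter"); ?></option>
	     <option <?php if ($mi_rstufe == 3) { echo "selected"; } ?> value="3"><?php Output($db, 66, "Mitarbeiter"); ?></option>
	     <option <?php if ($mi_rstufe == 4) { echo "selected"; } ?> value="4"><?php Output($db, 67, "Kontroller"); ?></option>
	     <option <?php if ($mi_rstufe == 5) { echo "selected"; } ?> value="5"><?php Output($db, 68, "Kein Zugang"); ?></option>
	     <option <?php if ($mi_rstufe == 6) { echo "selected"; } ?> value="6"><?php Output($db, 69, "Ressourcenmanager"); ?></option>
	     <option <?php if ($mi_rstufe == 7) { echo "selected"; } ?> value="7"><?php Output($db, 70, "Revisor"); ?></option>
	  </select>
      </td>
   </tr>
   <tr>
      <td><?php Output($db, 71, "Passwort:"); ?></td>
      <td><input type="password" class="inputmust" name="pass1" value="<?php echo $h_passwd; ?>" <?php echo $dis; ?> size=8></td>
   </tr>
   <tr>
      <td><?php Output($db, 72, "Passwort Vergleich:"); ?></td>
      <td><input type="password" name="pass2" <?php echo $dis; ?> size=8 maxlength=8></td>
   </tr>
<?php
	if ($mi_hacker > 0) {
?>
   <tr>
      <td><?php Output($db, 75, "Hackerkennzeichen l&ouml;schen?:"); ?></td>
      <td><input type="checkbox" name="mi_hacker" <?php echo $dis; ?> value=1></td>
   </tr>
<?php
	}
?>
</table>
<table class="indent"><tr><td>
<?php
	ButtonSubmit(GetMessage($db, 45, "Speichern"), "edit");
?>
</td></tr></table>
</form>
<?php
	closeDB($db);
}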

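/**
 * Validate the submitted "new employee" form and store the record, plus the
 * first rate row when the billing module ($verrmodul) is active.
 *
 * On a validation error the form is shown again through EditMi(0, ...).
 *
 * NOTE(review): the text fields (vname, nname, tel, mail, userid, mi_lang)
 * are still placed in SQL string literals as received. They must go
 * through the escaping or bound-parameter facility of the driver behind
 * QueryDB(), which is not visible in this file. Numeric values, amounts and
 * the date are validated below.
 * NOTE(review): passwords are stored as unsalted md5(). Moving to
 * password_hash()/password_verify() needs a matching change in the login
 * code and in the 32-character check of CheckEditMi.
 * NOTE(review): no role check is visible in this function; any caller can
 * also choose mi_rstufe freely. Confirm the caller's role is enforced
 * before this is reached.
 * NOTE(review): the next number is read from "counter" before the
 * transaction starts, so two parallel requests can obtain the same number.
 *
 * @param mixed $unum      user number of the logged-in user
 * @param mixed $headline  headline id
 * @param mixed $menu      menu id
 * @param mixed $rstufe    role level of the logged-in user
 * @return bool true when the record was stored, false otherwise
 */
function CheckNewMi($unum, $headline, $menu, $rstufe) {
	global $verrmodul;

	$mi_vname = isset($_REQUEST['vname']) ? $_REQUEST['vname'] : "";
	$mi_nname = isset($_REQUEST['nname']) ? $_REQUEST['nname'] : "";
	$mi_tel = isset($_REQUEST['tel']) ? $_REQUEST['tel'] : "";
	$mi_mail = isset($_REQUEST['mail']) ? $_REQUEST['mail'] : "";
	$mi_userid = isset($_REQUEST['userid']) ? $_REQUEST['userid'] : "";
	$mi_lang = isset($_REQUEST['mi_lang']) ? $_REQUEST['mi_lang'] : "";
	$pass1 = isset($_REQUEST['pass1']) ? (string)$_REQUEST['pass1'] : "";
	$pass2 = isset($_REQUEST['pass2']) ? (string)$_REQUEST['pass2'] : "";
	# The checkbox is only submitted when it is ticked.
	$mi_plan = isset($_REQUEST['planbar']) ? "true" : "false";
	# Keys from the select boxes are placed in SQL without quotes, so they
	# are forced to integers.
	$mi_land = isset($_REQUEST['land']) ? (int)$_REQUEST['land'] : 0;
	$mi_abt = isset($_REQUEST['abt']) ? (int)$_REQUEST['abt'] : 0;
	$mi_rstufe = isset($_REQUEST['mi_rstufe']) ? (int)$_REQUEST['mi_rstufe'] : 0;

	$err = 0;

	if ($rstufe != 4 && !strlen($mi_vname)) {
	   Error(GetMessage(-1, 76, "Sie m&uuml;ssen einen Vornamen eingeben!"));
	   $err = 1;
	}

	if ($rstufe != 4 && !strlen($mi_nname)) {
	   Error(GetMessage(-1, 77, "Sie m&uuml;ssen einen Nachnamen eingeben!"));
	   $err = 1;
	}

	# Strict comparison: with "!=" two different numeric-looking strings
	# such as "1000" and "1e3" would count as the same password.
	if ($rstufe != 4 && $mi_rstufe != 5 && (strlen($pass1) < 4 || $pass1 !== $pass2)) {
	   Error(GetMessage(-1, 78, "Sie m&uuml;ssen zwei mal das gleiche Passwort eingeben und es muss mindestens 4 Zeichen lang sein!"));
	   $err = 1;
	}

	if ($verrmodul) {
	   $tg_valid_from = isset($_REQUEST['tg_valid_from']) ? (string)$_REQUEST['tg_valid_from'] : "";
	   $tg_whg = isset($_REQUEST['tg_whg']) ? (int)$_REQUEST['tg_whg'] : 0;

	   # Amounts are placed in SQL without quotes. Normalise the decimal
	   # comma first, then accept plain decimal numbers only.
	   $numpat = '/^-?[0-9]+(\.[0-9]+)?$/D';
	   $tg = array();

	   foreach (array('tg_amount', 'tg_nightr', 'tg_ration', 'tg_kmcar', 'tg_kmdrain', 'tg_kmplain') as $key) {
	      $val = isset($_REQUEST[$key]) ? trim((string)$_REQUEST[$key]) : "";
	      $tg[$key] = str_replace(",", ".", $val);
	   }

	   # The former check passed "." as the second argument of
	   # str_wordcount(), which is a format selector and not a delimiter,
	   # so it could never accept a date. The converted value is checked
	   # instead; CheckEditMi compares it with to_char(.., 'YYYY-MM-DD').
	   $dateok = false;

	   if (strlen($tg_valid_from) >= 6) {
	      $tg_valid_from = DateToDBDate($tg_valid_from);
	      $dateok = (bool)preg_match('/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/D', (string)$tg_valid_from);
	   }

	   if (!$dateok) {
	      Error(GetMessage(-1, 79, "Kein oder ung&uuml;ltiges Datum! Sie m&uuml;ssen ein g&uuml;ltiges Datum eingeben!"));
	      $err = 1;
	   }

	   if (!preg_match($numpat, $tg['tg_amount']) || $tg['tg_amount'] <= 0.0) {
	      Error(GetMessage(-1, 80, "Sie m&uuml;ssen einen Tagsatz gr&ouml;&szlig;er 0,0 eingeben!"));
	      $err = 1;
	   }

	   foreach (array('tg_nightr', 'tg_ration', 'tg_kmcar', 'tg_kmdrain', 'tg_kmplain') as $key) {
	      if (!preg_match($numpat, $tg[$key])) {
	         Error("Ung&uuml;ltiger Betrag in den Verrechnungsdaten!");
	         $err = 1;
	         break;
	      }
	   }
	}

	$db = OpenDB();

	if ($rstufe != 4) {
	   $query = "select count(*) from mitarbeiter where mi_userid = '$mi_userid'";

	   if (!($result = QueryDB($db, $query))) {
	      closeDB($db);
	      return false;
	   }

	   $data = fetchDB($result, 0);
	   $anz = $data[0];

	   if ($anz > 0) {
	      Error(GetMessage(-1, 81, "Der von ihnen angegebene >>Benutzername<< existiert bereits!<br>&nbsp;&nbsp;&nbsp;&nbsp;Bitte verwenden sie einen anderen, bisher noch nicht verwendeten Benutzernamen!"));
	      $err = 1;
	   }
	}

	if ($err == 1) {
	   closeDB($db);
	   EditMi(0, $unum, $headline, $menu, $rstufe);
	   return false;
	}

	# At this point the data is validated and can be stored as a new
	# record.
	$query = "select co_mitarbeiter from counter";

	if (!($result = QueryDB($db, $query))) {
	   closeDB($db);
	   return false;
	}

	$data = fetchDB($result, 0);
	$mi_num = (int)$data[0] + 1;

	if ($verrmodul) {
	   $query = "select co_tagsatz from counter";

	   if (!($result = QueryDB($db, $query))) {
	      closeDB($db);
	      return false;
	   }

	   $data = fetchDB($result, 0);
	   $tg_num = (int)$data[0] + 1;
	}

	# Open the transaction for every path, so that the rollback and commit
	# calls below always have one to act on.
	if (!QueryDB($db, "begin")) {
	   closeDB($db);
	   return false;
	}

	if ($rstufe != 4) {
	   if ($mi_rstufe == 5)
	      $mi_passwd = "";
	   else
	      $mi_passwd = md5($pass1);

	   $query = "insert into mitarbeiter (mi_num, mi_vname, mi_nname, mi_land, ";
	   $query .= "mi_abt, mi_tel, mi_mail, mi_rstufe, mi_userid, mi_passwd, ";
	   $query .= "mi_hacker, mi_plan, mi_lang) ";
	   $query .= "values ($mi_num, '$mi_vname', '$mi_nname', $mi_land, ";
	   $query .= "$mi_abt, '$mi_tel', '$mi_mail', $mi_rstufe, '$mi_userid',";
	   $query .= "'$mi_passwd', 0, $mi_plan, '$mi_lang')";

	   if (!QueryDB($db, $query)) {
	      QueryDB($db, "rollback");
	      closeDB($db);
	      return false;
	   }

	   $query = "update counter set co_mitarbeiter = $mi_num";

	   if (!QueryDB($db, $query)) {
	      QueryDB($db, "rollback");
	      closeDB($db);
	      return false;
	   }
	}

	if ($verrmodul) {
	   $query = "insert into tagsatz (tg_num, tg_valid_from, tg_amount, ";
	   $query .= "tg_nightr, tg_ration, tg_kmcar, tg_kmdrain, ";
	   $query .= "tg_kmplain, tg_whg, tg_minum) values ($tg_num, ";
	   $query .= "'$tg_valid_from', {$tg['tg_amount']}, ";
	   $query .= "{$tg['tg_nightr']}, {$tg['tg_ration']}, {$tg['tg_kmcar']}, {$tg['tg_kmdrain']}, ";
	   $query .= "{$tg['tg_kmplain']}, $tg_whg, $mi_num)";

	   if (!QueryDB($db, $query)) {
	      QueryDB($db, "rollback");
	      closeDB($db);
	      return false;
	   }

	   $query = "update counter set co_tagsatz = $tg_num";

	   if (!QueryDB($db, $query)) {
	      QueryDB($db, "rollback");
	      closeDB($db);
	      return false;
	   }
	}

	QueryDB($db, "commit");
	# NOTE(review): the journal text contains the submitted names; check
	# how Journal() stores it.
	Journal(201, "Mitarbeiter: $mi_num = $mi_nname $mi_vname", $db);
	closeDB($db);
	return true;
}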

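/**
 * Validate the submitted "edit employee" form and store the changes, plus
 * the rate row when the billing module ($verrmodul) is active.
 *
 * A rate whose "valid from" date is unchanged is updated in place; a new
 * date closes the old row (tg_valid_to) and inserts a new one. On a
 * validation error the form is shown again through EditMi().
 *
 * NOTE(review): the text fields (vname, nname, tel, mail, userid, mi_lang)
 * are still placed in SQL string literals as received. They must go
 * through the escaping or bound-parameter facility of the driver behind
 * QueryDB(), which is not visible in this file. Numeric values, amounts,
 * the date and the password hash are validated below.
 * NOTE(review): a 32-character pass1 is stored as the password hash without
 * hashing, because EditMi sends the stored hash to the browser. Whoever can
 * submit this form can set any md5 value as a user's password hash; the
 * form should use a "leave empty to keep the password" rule instead.
 * NOTE(review): no role check is visible in this function, and mi_rstufe is
 * taken from the request. Confirm the caller's role is enforced before this
 * is reached.
 *
 * @param mixed $mi_num    employee number to update
 * @param mixed $unum      user number of the logged-in user
 * @param mixed $headline  headline id
 * @param mixed $menu      menu id
 * @param mixed $rstufe    role level of the logged-in user
 * @return bool true when the changes were stored, false otherwise
 */
function CheckEditMi($mi_num, $unum, $headline, $menu, $rstufe) {
	global $verrmodul;

	# The employee number arrives from the request and is placed in SQL.
	$mi_num = (int)$mi_num;

	$mi_vname = isset($_REQUEST['vname']) ? $_REQUEST['vname'] : "";
	$mi_nname = isset($_REQUEST['nname']) ? $_REQUEST['nname'] : "";
	$mi_tel = isset($_REQUEST['tel']) ? $_REQUEST['tel'] : "";
	$mi_mail = isset($_REQUEST['mail']) ? $_REQUEST['mail'] : "";
	$mi_userid = isset($_REQUEST['userid']) ? $_REQUEST['userid'] : "";
	$mi_lang = isset($_REQUEST['mi_lang']) ? $_REQUEST['mi_lang'] : "";
	$pass1 = isset($_REQUEST['pass1']) ? (string)$_REQUEST['pass1'] : "";
	$pass2 = isset($_REQUEST['pass2']) ? (string)$_REQUEST['pass2'] : "";
	# Checkboxes are only submitted when they are ticked.
	$mi_plan = isset($_REQUEST['planbar']) ? "true" : "false";
	$clear_hacker = isset($_REQUEST['mi_hacker']);
	# Keys from the select boxes are placed in SQL without quotes, so they
	# are forced to integers.
	$mi_land = isset($_REQUEST['land']) ? (int)$_REQUEST['land'] : 0;
	$mi_abt = isset($_REQUEST['abt']) ? (int)$_REQUEST['abt'] : 0;
	$mi_rstufe = isset($_REQUEST['mi_rstufe']) ? (int)$_REQUEST['mi_rstufe'] : 0;

	$err = 0;

	if ($rstufe != 4 && !strlen($mi_vname)) {
	   Error(GetMessage(-1, 76, "Sie m&uuml;ssen einen Vornamen eingeben!"));
	   $err = 1;
	}

	if ($rstufe != 4 && !strlen($mi_nname)) {
	   Error(GetMessage(-1, 77, "Sie m&uuml;ssen einen Nachnamen eingeben!\n"));
	   $err = 1;
	}

	if ($verrmodul) {
	   $tg_num = isset($_REQUEST['tg_num']) ? (int)$_REQUEST['tg_num'] : 0;
	   $tg_valid_from = isset($_REQUEST['tg_valid_from']) ? (string)$_REQUEST['tg_valid_from'] : "";
	   $tg_whg = isset($_REQUEST['tg_whg']) ? (int)$_REQUEST['tg_whg'] : 0;

	   # Amounts are placed in SQL without quotes. Normalise the decimal
	   # comma first, then accept plain decimal numbers only.
	   $numpat = '/^-?[0-9]+(\.[0-9]+)?$/D';
	   $tg = array();

	   foreach (array('tg_amount', 'tg_nightr', 'tg_ration', 'tg_kmcar', 'tg_kmdrain', 'tg_kmplain') as $key) {
	      $val = isset($_REQUEST[$key]) ? trim((string)$_REQUEST[$key]) : "";
	      $tg[$key] = str_replace(",", ".", $val);
	   }

	   # The former check passed "." as the second argument of
	   # str_wordcount(), which is a format selector and not a delimiter,
	   # so it could never accept a date. The converted value is checked
	   # instead; it is compared with to_char(.., 'YYYY-MM-DD') below.
	   $dateok = false;

	   if (strlen($tg_valid_from) >= 6) {
	      $tg_valid_from = DateToDBDate($tg_valid_from);
	      $dateok = (bool)preg_match('/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/D', (string)$tg_valid_from);
	   }

	   if (!$dateok) {
	      Error(GetMessage(-1, 79, "Kein oder ung&uuml;ltiges Datum! Sie m&uuml;ssen ein g&uuml;ltiges Datum eingeben!"));
	      $err = 1;
	   }

	   if (!preg_match($numpat, $tg['tg_amount']) || $tg['tg_amount'] <= 0.0) {
	      Error(GetMessage(-1, 80, "Sie m&uuml;ssen einen Tagsatz gr&ouml;&szlig;er 0,0 eingeben!"));
	      $err = 1;
	   }

	   foreach (array('tg_nightr', 'tg_ration', 'tg_kmcar', 'tg_kmdrain', 'tg_kmplain') as $key) {
	      if (!preg_match($numpat, $tg[$key])) {
	         Error("Ung&uuml;ltiger Betrag in den Verrechnungsdaten!");
	         $err = 1;
	         break;
	      }
	   }
	}

	# A 32-character pass1 is the stored hash coming back unchanged from
	# the form; in that case the repeat field is empty.
	if ($rstufe != 4 && $mi_rstufe != 5 && strlen($pass1) == 32 && !strlen($pass2)) {
	   $pass2 = $pass1;
	}

	if ($rstufe != 4 && $mi_rstufe != 5) {
	   if (strlen($pass1) > 8 && strlen($pass1) != 32) {
	      Error(GetMessage(-1, 82, "Ung&uuml;ltiges Passwort!"));
	      $err = 1;
	   } else if (strlen($pass1) == 32 && !preg_match('/^[0-9a-f]{32}$/D', $pass1)) {
	      # A value stored without hashing must at least have the shape
	      # of an md5() result, since it is placed in SQL as it is.
	      Error(GetMessage(-1, 82, "Ung&uuml;ltiges Passwort!"));
	      $err = 1;
	   } else if (strlen($pass1) < 4 || $pass1 !== $pass2) {
	      Error(GetMessage(-1, 78, "Sie m&uuml;ssen zwei mal das gleiche Passwort eingeben und es muss mindestens 4 Zeichen lang sein!\n"));
	      $err = 1;
	   }
	}

	if ($err == 1) {
	   EditMi($mi_num, $unum, $headline, $menu, $rstufe);
	   return false;
	}

	# At this point the data is validated and can be stored.
	if ($rstufe != 4 && $mi_rstufe != 5) {
	   if (strlen($pass1) <= 8) {
	      $mi_passwd = md5($pass1);
	   } else {
	      $mi_passwd = $pass1;
	   }
	} else {
	   $mi_passwd = "";
	}

	$db = OpenDB();

	if ($verrmodul) {
	   $update = false;

	   if ($tg_num > 0) {
	      $query = "select count(*) from tagsatz where ";
	      $query .= "tg_valid_from > '$tg_valid_from' and ";
	      $query .= "tg_minum = $mi_num";

	      if (!($result = QueryDB($db, $query))) {
		 closeDB($db);
		 return false;
	      }

	      $data = fetchDB($result, 0);

	      if ($data[0] > 0) {
		 Error(GetMessage($db, 83, "Das \"g&uuml;ltig ab\"&minus;Datum ist kleiner als das zuletzt gespeicherte!"));
		 closeDB($db);
		 EditMi($mi_num, $unum, $headline, $menu, $rstufe);
		 return false;
	      }

	      # tg_num comes from a hidden form field; only accept it when the
	      # row belongs to this employee, otherwise another employee's
	      # rate could be changed.
	      $query = "select to_char(tg_valid_from, 'YYYY-MM-DD') from tagsatz ";
	      $query .= "where tg_num = $tg_num and tg_minum = $mi_num";

	      if (!($result = QueryDB($db, $query))) {
		 closeDB($db);
		 return false;
	      }

	      if (numrowsDB($result) > 0) {
		 $data = fetchDB($result, 0);

		 if ($tg_valid_from == $data[0])
		    $update = true;
	      } else {
		 $tg_num = 0;
	      }
	   }

	   if (!$update) {
	      $query = "select co_tagsatz from counter";

	      if (!($result = QueryDB($db, $query))) {
		 closeDB($db);
		 return false;
	      }

	      $data = fetchDB($result, 0);
	      $co_tagsatz = (int)$data[0] + 1;
	   }
	}

	if (!QueryDB($db, "begin")) {
	   closeDB($db);
	   return false;
	}

	if ($rstufe != 4) {
	   $query = "update mitarbeiter set ";
	   $query .= "mi_vname = '$mi_vname', mi_nname = '$mi_nname', mi_land = $mi_land, ";
	   $query .= "mi_abt = $mi_abt, mi_tel = '$mi_tel', mi_mail = '$mi_mail', ";
	   $query .= "mi_rstufe = $mi_rstufe, mi_userid = '$mi_userid', mi_passwd = '$mi_passwd', ";
	   $query .= "mi_plan = $mi_plan, mi_lang = '$mi_lang' ";

	   if ($clear_hacker) {
	      $query .= ", mi_hacker = 0 ";
	   }

	   $query = $query . "where mi_num = $mi_num";

	   if (!QueryDB($db, $query)) {
	      QueryDB($db, "rollback");
	      closeDB($db);
	      return false;
	   }
	}

	if ($verrmodul) {
	   if ($update) {
	      $query = "update tagsatz set tg_amount = {$tg['tg_amount']}, ";
	      $query .= "tg_nightr = {$tg['tg_nightr']}, tg_ration = {$tg['tg_ration']}, ";
	      $query .= "tg_kmcar = {$tg['tg_kmcar']}, tg_kmdrain = {$tg['tg_kmdrain']}, ";
	      $query .= "tg_kmplain = {$tg['tg_kmplain']}, tg_whg = $tg_whg where ";
	      $query .= "tg_num = $tg_num and tg_minum = $mi_num";

	      if (!QueryDB($db, $query)) {
		 QueryDB($db, "rollback");
		 closeDB($db);
		 return false;
	      }
	   } else {
	      $query = "insert into tagsatz (tg_num, tg_valid_from, tg_amount, ";
	      $query .= "tg_nightr, tg_ration, tg_kmcar, tg_kmdrain, ";
	      $query .= "tg_kmplain, tg_whg, tg_minum) values ($co_tagsatz, ";
	      $query .= "'$tg_valid_from', {$tg['tg_amount']}, ";
	      $query .= "{$tg['tg_nightr']}, {$tg['tg_ration']}, {$tg['tg_kmcar']}, {$tg['tg_kmdrain']}, ";
	      $query .= "{$tg['tg_kmplain']}, $tg_whg, $mi_num)";

	      if (!QueryDB($db, $query)) {
		 QueryDB($db, "rollback");
		 closeDB($db);
		 return false;
	      }

	      # Close the previous rate row on the day the new one starts.
	      if ($tg_num > 0) {
		 $query = "update tagsatz set tg_valid_to = '$tg_valid_from' ";
		 $query .= "where tg_num = $tg_num and tg_minum = $mi_num";

		 if (!QueryDB($db, $query)) {
		    QueryDB($db, "rollback");
		    closeDB($db);
		    return false;
		 }
	      }

	      $query = "update counter set co_tagsatz = $co_tagsatz";

	      if (!QueryDB($db, $query)) {
		 QueryDB($db, "rollback");
		 closeDB($db);
		 return false;
	      }
	   }
	}

	QueryDB($db, "commit");
	# NOTE(review): the journal text contains the submitted names; check
	# how Journal() stores it.
	Journal(303, "Mitarbeiter: $mi_num = $mi_nname $mi_vname", $db);
	closeDB($db);
	return true;
}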

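/**
 * Write the confirmation dialog shown before an employee is deleted.
 *
 * The "Loeschen" button requests edit_mi.php with func=delete&yes=yes; the
 * deletion itself happens in DeleteMi().
 *
 * NOTE(review): the confirmation carries no per-request token, so the
 * delete request can be produced without passing through this dialog.
 *
 * @param mixed $minum  employee number to delete
 */
function DelMi($minum) {
	global $menu;
	global $headline;
	global $verrmodul;

	# $minum arrives from the request and is placed in SQL and in the
	# button parameters, so force it to an integer first.
	$minum = (int)$minum;

	$db = OpenDB();
	$query = "select mi_nname, mi_vname from mitarbeiter where mi_num = $minum";

	if (!($result = QueryDB($db, $query))) {
	   closeDB($db);
	   return;
	}

	if (numrowsDB($result) < 1) {
	   Error(GetMessage($db, 73, "Error: Mitarbeiter %d wurde nicht gefunden!", $minum));
	   closeDB($db);
	   return;
	}

	$data = fetchDB($result, 0);
	# Names are free text; encode them before they are written into the
	# page. ISO-8859-1 is named so that only the ASCII specials are
	# rewritten.
	$mi_nname = htmlspecialchars((string)$data[0], ENT_QUOTES, 'ISO-8859-1');
	$mi_vname = htmlspecialchars((string)$data[1], ENT_QUOTES, 'ISO-8859-1');
	# The values end up in a JavaScript string inside an HTML attribute.
	$nav = "minum=$minum&menu=" . urlencode((string)$menu) . "&headline=" . urlencode((string)$headline);
	# The connection is not needed for the output below.
	closeDB($db);
?>
<form name="Alarm" method="post">
<table class="alarm" border=1>
   <tr><td colspan=2 align="center">Wollen Sie wirklich den Mitarbeiter<br>
       <?php echo "$mi_nname $mi_vname" ?><br>
<?php
	if ($verrmodul)
	   echo "mit seinen Tags&auml;tzen ";
?>
       l&ouml;schen?</td>
   </tr>
   <tr>
      <td align="center"><input type="button" name="yes" value="Loeschen" onClick="javascript:MoveTo('edit_mi.php','func=delete&yes=yes&<?php echo "$nav"; ?>')"></td>
      <td align="center"><input type="button" name="no" value="Abbruch" onClick="javascript:MoveTo('edit_mi.php','no=no&<?php echo "$nav"; ?>')"></td>
   </tr>
</table>
</form>
<?php
}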

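/**
 * Delete an employee together with the employee's rate rows, in one
 * transaction.
 *
 * The result is reported to the caller, which writes the journal entry and
 * the confirmation only on success.
 *
 * The role rule matches the list view in this file: the delete action is
 * offered to levels 1 and 6 only.
 *
 * NOTE(review): the list view hides the delete action while the employee is
 * referenced in allocation, wdone or project. That rule is not repeated
 * here; add it if the database has no foreign keys that enforce it.
 * NOTE(review): $rstufe is a global set outside this file; confirm it comes
 * from server-side session state.
 *
 * @param mixed $minum  employee number to delete; digits only
 * @return bool true when both deletes were committed, false otherwise
 */
function DeleteMi($minum) {
	global $verrmodul;
	global $rstufe;

	# Deleting is a destructive action; enforce the role on the server and
	# not only by hiding the icon.
	if ($rstufe != 1 && $rstufe != 6) {
	   Error(GetMessage(-1, 50, "Berechtigungsfehler!"));
	   return false;
	}

	# The number arrives from the request and is placed in SQL without
	# quotes: accept digits only.
	if (!preg_match('/^[0-9]+$/D', (string)$minum) || (int)$minum <= 0) {
	   Error("DeleteMi: Interner Fehler: Mitarbeiternummer des zu l&ouml;schenden Mitarbeiters fehlt!");
	   return false;
	}

	$minum = (int)$minum;
	$db = OpenDB();

	if (!QueryDB($db, "begin")) {
	   closeDB($db);
	   return false;
	}

	$query = "delete from tagsatz where tg_minum = $minum";

	if (!QueryDB($db, $query)) {
	   QueryDB($db, "rollback");
	   closeDB($db);
	   return false;
	}

	$query = "delete from mitarbeiter where mi_num = $minum";

	if (!QueryDB($db, $query)) {
	   QueryDB($db, "rollback");
	   closeDB($db);
	   return false;
	}

	QueryDB($db, "commit");
	closeDB($db);
	return true;
}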

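# Request routing for edit_mi.php.
#
# NOTE(review): every action, including func=delete, is read from $_REQUEST
# and is therefore also accepted from a plain GET link; no per-request
# token is checked in this file. State-changing actions should require POST
# and an anti-CSRF token.
# NOTE(review): $unum, $menu and $rstufe are set outside this file. The
# forms in this file carry "unum" and "rstufe" as hidden fields; confirm
# that both are taken from server-side session state and never from the
# request.
$minew = isset($_REQUEST['minew']) ? $_REQUEST['minew'] : null;
$miedit = isset($_REQUEST['miedit']) ? (int)$_REQUEST['miedit'] : null;
$midel = isset($_REQUEST['midel']) ? (int)$_REQUEST['midel'] : 0;
$func = isset($_REQUEST['func']) ? $_REQUEST['func'] : null;

if (isset($knopf) && $knopf == 30)
   EditMitarbeiter();

if (isset($func)) {
   if ($func === "CheckNewMi") {
      if (CheckNewMi($unum, $headline, $menu, $rstufe)) {
	 EditMitarbeiter();
      }
   }

   if ($func === "CheckEditMi") {
      # Employee numbers are used in SQL further down; force an integer.
      $minum = isset($_REQUEST['minum']) ? (int)$_REQUEST['minum'] : 0;

      if (CheckEditMi($minum, $unum, $headline, $menu, $rstufe)) {
         echo "<p class=\"cry\">Daten wurden erfolgreich gespeichert!</p>\n";
	 EditMitarbeiter();
      }
   }

   if ($func === "delete" && isset($_REQUEST['yes']) && $_REQUEST['yes'] == "yes") {
      $minum = isset($_REQUEST['minum']) ? (int)$_REQUEST['minum'] : 0;

      # The journal entry and the confirmation depend on DeleteMi()
      # returning true.
      if (DeleteMi($minum)) {
         Journal(106, "Mitarbeiter: $minum");
         echo "<p class=\"cry\">Mitarbeiter wurde erfolgreich gel&ouml;scht!</p>\n";
      }

      EditMitarbeiter();
   }
}

if (isset($minew)) {
   NewMi($unum, $headline, $menu, $rstufe);
}

if (isset($miedit)) {
   EditMi($miedit, $unum, $headline, $menu, $rstufe);
}

if ($midel > 0) {
   DelMi($midel);
}

require('footer.inc');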
?>
